Search form

You are here

MS Office Now Top Target for Hackers: Report

by John Lister on April, 18 2019 at 01:04PM EDT

Hackers are now far more likely to target Microsoft Office than web browsers according to a security firm. Kaspersky Labs says the big problem is that fixing some of the most common
MS Office flaws would cause serious compatibility problems.

The figures are based on the number of users affected, rather than the sheer
volume of attacks. That's arguably more informative as it doesn't treat all attacks as equally significant.

Kaspersky compared the last three months of 2018 with the same period in 2016 and found a dramatic difference in just two years.

Browsers and Flash Less of a Problem

In the 2016 period, 45 percent of attacked users were targeted through a web browser, with other
attack vectors being the Android system at 19 percent, Office at 16 percent, Adobe Flash
at 13 percent, Java at 6 percent and PDF files at 1 percent. (Source: kaspersky.co.uk)

In 2017, the figure for Office had rocketed up to 70 percent, with browsers down to 14 percent, Android down to 12 percent, Java
at three percent, Flash at one percent, and PDF at roughly zero percent (rounded down).

It's only fair to note that a big degree of the shift is simply other attack methods becoming less exploited. Web browsers have likely become less successfully targeted thanks to the ongoing abandonment of Internet Explorer. In turn, Flash is rapidly disappearing from the web as browsers such as Chrome intentionally limit its functionality and will soon block it altogether.

Office Hit By Legacy Flaws

Kaspersky says that MS Office remains an attractive option for hackers. That's partly because it has many complicated interactions with Windows and file formats that create security holes, yet exploiting those flaws is often a relatively unsophisticated operation.

The company also suggests that MS Office has several fundamental design flaws from a security perspective, most notably a lack of the built-in security measures you'd expect from a modern program. That's because
MS Office tends to be continually tweaked and updated, rather than being created completely for scratch.

Kaspersky says fixing this now becomes tricky because it would make it much harder for the most recent editions of
MS Word to continue to smoothly handle files created in older editions. (Source: theregister.co.uk)

What's Your Opinion?

Are you surprised Office is such a big hacker target today? Do you think it is fundamentally flawed or is it just that other targets have become less attractive in comparison? Would compatibility problems be a price worth paying for increased security?

Programs are made by human beings and are therefore prone to error. Therefore, any software program can have bugs which can be exploited.

Hackers / criminals usually go where the market share is, so MS Office is a huge attack vector. Libre Office is a free alternative to MS Office - but is not as popular (and therefore has less market share). Switching to that may protect you against MS Office bugs since they are not the same program, however, Libre Office is just as susceptible to bugs / exploits just like MS Office. As such, you are only trading one problem for another.

The same 'marketshare' idea is true about MS Windows vs Mac vs Linux. MS Windows has a bigger market share, so it is targeted more. If Mac had more market share then hackers would target that instead because it would be more financially rewarding.

To put it simply: you can't avoid bugs / exploits 100% of the time, but you can do things such as patch your PC to make sure it is up to date (using Windows Update), use an up-to-date operating system (Windows 10 instead of Vista or Windows 7), use antivirus, etc, etc. All of this is mentioned in an article that I wrote previously, which you can read here.

Please read this article as it applies to 99.99999% of all cases when it comes to staying secure against any kind of threat. To put it simply: use an updated operating system, patch the system, ensure you have adequate antivirus / antimalware protection, a firewall - and most importantly, MAKE BACKUPS REGULARLY.